Which of the following BEST enables an information security manager to demonstrate the effectiveness of the information security and risk program to senior management?
Option B, Audit reports, would be the best way to demonstrate the effectiveness of the information security and risk program to senior management. Audit reports provide an independent and objective evaluation of the program's controls, processes, and compliance with established policies and standards. These reports highlight any weaknesses or areas of improvement, allowing senior management to make informed decisions and take necessary actions to mitigate risk. Additionally, audit reports often include recommendations and action plans, which can further enhance the effectiveness of the program.
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
koala_lay
8 months, 2 weeks agorichck102
9 months, 1 week ago